The SBA announced that a data breach in March affected nearly 8,000 small business owners who applied for loans in March. 

Applicants seeking Economic Injury Disaster Loans (EIDL), had their data compromised when a software glitch in the loan portal led to other business owner’s data to be exposed when people applied for loans.  The breach did not affect the Paycheck Protection Program loans, which use a different system.  The SBA discovered the issue on March 25, 2020, and immediately shut down the part of the site that was causing the problem. 

The SBA stated that personally identifiable information was involved in the breach, including names, Social Security numbers, citizenship status, and other sensitive information.  The SBA sent out letters to the affected parties on April 13, 2020.  The agency will provide a year of free credit monitoring to the involved business owners.